Lucene search
K

436 matches found

Positive Technologies
Positive Technologies
added 2025/04/03 12:0 a.m.3 views

PT-2025-17267

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability in the Linux kernel has been resolved, specifically fixing NULL dereferences in the ef100 process design param function. The issue arose because ef100 probe main and ef10...

5.5CVSS6AI score0.00217EPSS
Exploits0
OSV
OSV
added 2025/04/01 4:15 p.m.9 views

DEBIAN-CVE-2025-21941

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix null check for pipectx-planestate in resourcebuildscalingparams Null pointer dereference issue could occur when pipectx-planestate is null. The fix adds a check to ensure 'pipectx-planestate' is not null befo...

5.5CVSS5.7AI score0.00194EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/02/26 12:0 a.m.4 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a race condition in the PCM hwparams and hwfree calls...

7.8CVSS5.5AI score0.00291EPSS
Exploits0References9
AstraLinux
AstraLinux
added 2025/02/11 7:35 a.m.4 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: For Wi-Fi-related modules, such as mwifiex: The issue of warning messages during memcpy operations that span multiple fields in mwifiexconfigscan has been fixed. To address this issue, replace the one-element array in the struct...

5.5CVSS6.3AI score0.00288EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2025/01/06 12:0 a.m.5 views

The vulnerability of the PlaybackParams class in the Mozilla Firefox browser and Thunderbird email client allows a perpetrator to access confidential data.

The vulnerability of the PlaybackParams class in Mozilla Firefox and Thunderbird’s email client is related to synchronization errors when using a common resource “Race Situation”. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

7.8CVSS5.9AI score0.00337EPSS
Exploits0References14Affected Software4
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/12/19 10:52 a.m.3 views

Malicious code in payment-tx-params-api (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6861efcfa7f8e30a646e9a76387e80446245c2f7ce4966e55da1c8e6d34fcd9b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References3
OSV
OSV
added 2024/12/19 10:52 a.m.4 views

MAL-2024-12020 Malicious code in payment-tx-params-api (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6861efcfa7f8e30a646e9a76387e80446245c2f7ce4966e55da1c8e6d34fcd9b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/10/24 12:0 a.m.11 views

CVE-2024-45262

An issue was discovered on certain GL-iNet devices, including MT6000, MT3000, MT2500, AXT1800, and AX1800 4.6.2. The params parameter in the call method of the /rpc endpoint is vulnerable to arbitrary directory traversal, which enables attackers to execute scripts under any path...

7.3AI score0.00647EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2024/10/21 3:38 p.m.24 views

CVE-2024-47683

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Skip Recompute DSC Params if no Stream on Link why Encounter NULL pointer dereference uner mst + dsc setup. BUG: kernel NULL pointer dereference, address: 0000000000000008 PGD 0 P4D 0 Oops: 0000 1 PREEMPT SMP NOP...

5.5CVSS6.9AI score0.00234EPSS
Exploits0References4
Cvelist
Cvelist
added 2024/10/21 11:53 a.m.12 views

CVE-2024-47720 drm/amd/display: Add null check for set_output_gamma in dcn30_set_output_transfer_func

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add null check for setoutputgamma in dcn30setoutputtransferfunc This commit adds a null check for the setoutputgamma function pointer in the dcn30setoutputtransferfunc function. Previously, setoutputgamma was bei...

0.00219EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2024/10/21 11:53 a.m.11 views

CVE-2024-47683 drm/amd/display: Skip Recompute DSC Params if no Stream on Link

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Skip Recompute DSC Params if no Stream on Link why Encounter NULL pointer dereference uner mst + dsc setup. BUG: kernel NULL pointer dereference, address: 0000000000000008 PGD 0 P4D 0 Oops: 0000 1 PREEMPT SMP NOP...

6.9AI score0.00234EPSS
Exploits0References5
Cvelist
Cvelist
added 2024/10/21 11:53 a.m.24 views

CVE-2024-47683 drm/amd/display: Skip Recompute DSC Params if no Stream on Link

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Skip Recompute DSC Params if no Stream on Link why Encounter NULL pointer dereference uner mst + dsc setup. BUG: kernel NULL pointer dereference, address: 0000000000000008 PGD 0 P4D 0 Oops: 0000 1 PREEMPT SMP NOP...

0.00234EPSS
Exploits0References5
OSV
OSV
added 2024/10/21 11:53 a.m.14 views

CVE-2024-47683 drm/amd/display: Skip Recompute DSC Params if no Stream on Link

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Skip Recompute DSC Params if no Stream on Link why Encounter NULL pointer dereference uner mst + dsc setup. BUG: kernel NULL pointer dereference, address: 0000000000000008 PGD 0 P4D 0 Oops: 0000 1 PREEMPT SMP NOP...

5.5CVSS6.1AI score0.00234EPSS
Exploits0References9
NVD
NVD
added 2024/10/09 4:15 a.m.22 views

CVE-2024-25282

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in this candidate have been removed to prevent accidental usage...

Exploits1
NVD
NVD
added 2024/10/09 4:15 a.m.21 views

CVE-2024-25283

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in this candidate have been removed to prevent accidental usage...

Exploits1
Vulnrichment
Vulnrichment
added 2024/10/09 12:0 a.m.11 views

CVE-2024-25282

3DSecure 2.0 allows XSS in its 3DSMethod Authentication via a modified params parameter in a /rest/online request with a /redirect?action=challenge&txn= substring...

5.3AI score
Exploits1References2
CVE
CVE
added 2024/10/09 12:0 a.m.54 views

CVE-2024-25282

Redsys 3DSecure 2.0 (3DS Method Authentication) is reported vulnerable to Cross‑Site Scripting (XSS) via a modified params parameter in a /rest/online request with a /redirect?action=challenge&txn=... path. Root cause: insufficient sanitization/validation of the params field, which is base64-enco...

6.1AI score
Exploits1
Cvelist
Cvelist
added 2024/10/09 12:0 a.m.17 views

CVE-2024-25282

...

Exploits1
Kitploit
Kitploit
added 2024/09/19 11:30 a.m.76 views

Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests

Mass Assigner is a powerful tool designed to identify and exploit mass assignment vulnerabilities in web applications. It achieves this by first retrieving data from a specified request, such as fetching user profile data. Then, it systematically attempts to apply each parameter extracted from th...

7.4AI score
Exploits0References1
CVE
CVE
added 2024/09/18 4:47 p.m.89 views

CVE-2024-45813

CVE-2024-45813 affects the find-my-way HTTP router. A bad regular expression is generated when two parameters exist within a single segment, notably with a trailing dash (e.g., ":/a-:b-"). This can lead to a Denial of Service in some cases. Affected versions require upgrade to find-my-way v8.2.2 ...

5.3CVSS6.9AI score0.00674EPSS
Exploits0References3
Rows per page
Query Builder